| Table of Contents |
|---|
...
New version of
...
Kiuwan
| Info |
|---|
A new version of CQM (2.2.0) Kiuwan has been released. Major changes are:
CQM is the default Model (i.e. a concrete set of active and pre-configured rules):
You can find new rules by comparing this release of CQM against previous version. A detailed description of the behavior of these new rules is available in rule’s description. |
| Info |
|---|
A new version of Kiuwan Engine has been released that incorporates bug fixes, performance and reliability improvements in rules and parsers. Kiuwan Engine is the binary code executed when an analysis is run.
|
...
Support for Scala programming language
...
Scala is a a general-purpose programming language providing support for functional programming and a strong static type system.
...
You can find these rules going to Models Management, select CQM and search for Rules applying to Scala language
Enhanced support for PL-SQL
Support for SAML Single Sign-On (SSO)
...
Since April 2019 release, Kiuwan allows you to login in a Single Sign-One (SSO) environment.
...
| Info |
|---|
Kiuwan provides support for SAML SSO, thus allowing you to integrate Kiuwan with most corporate users’ credentials repositories (Active Directory FS, Azure AD, CA Single Sing-On ,etc). You can read more here (XXXXXXXX).at How to integrate Kiuwan with SAML SSO |
Vulnerabilities and Licenses Policy Management in Kiuwan Insights
...
When searching for Vulnerabilities on open source code used by your application, you can now define your custom policy. Thus, you can decide now if raising alerts on specific vulnerabilities and conditions.
...
You can find further info at Vulnerabitities Vulnerabilities Management and Licenses Policies Management
Insights support for Ruby
Kiuwan Insights now support discovering of Ruby open-source dependencies used by your app,as well as informing of Ruby vulnerabilities reported to NVD
Kiuwan for Developers plugin for VisualStudio Code
=======
Support for Apache Cordova framework
Apache Cordova is a mobile application development framework that enables software programmers to build applications for mobile devices using CSS3, HTML5, and JavaScript, instead of relying on platform-specific APIs like those in Android, iOS, or Windows Phone.
This new Kiuwan Engine provides support for Apache Cordova framework, including new rules that you can find selecting Cordova framework.
Specific rules addressed to Cordova:
- OPT.HTML.CORDOVA.ShouldUseContentSecurityPolicy
- OPT.JAVASCRIPT.CORDOVA.AvoidClickEvent
- OPT.JAVASCRIPT.CORDOVA.AvoidEnabledDebugMode
- OPT.JAVASCRIPT.CORDOVA.InsecureAndroidMinSdkVersion
- OPT.JAVASCRIPT.CORDOVA.TooBroadAccessOrigin
- OPT.JAVASCRIPT.CORDOVA.WhitelistPluginNotInstalled
Support for ASP.NET Razor C# (cshtml)
Razor is an ASP.NET programming syntax used to create dynamic web pages with the C# or VB.NET programming languages.
This new Kiuwan Engine provides support for Razor ASP.NET for C#, providing parsing facilities for .cshtml files.
Kiuwan for Developers (K4D) for Microsoft Visual Studio Code has just been released.
VS Code plugin will facilitate and automate compliance with security normative, quality standards and best practices for several languages.
You can find further info at Kiuwan for Developers for Microsoft Visual Studio CodeBy being able to process .cshtml files, C# security rules improve its capabilties to detect security vulnerabilties.